"Dual WAN connections are greatly simplified and point-to-point VPNs automatically connect regardless of what WAN connection is active."
"The most valuable feature is that we didn't have any problems with Meraki MX."
"It is very easy to use and manage. It is also very easy to scale."
"It has very good features; it's easy to use, configure, set up, and deploy."
"It has the most advanced security features, for example, layer 3 and layer 7 firewall capabilities and the end team and IPS protection. It also has IPS, and it has very good functioning of cloning services. You don't actually have to touch the device. If you have multiple companies in different countries, you don't really require this device to be touched. You can get it delivered directly to any office of a country, and then you can simply put your configuration over the cloud. It's very simplified and easy to manage. It gives a very good granular visibility about your network. Earlier, a lot of things were lacking in the network. We were unable to identify where the problem was, but after implementing Meraki MX, we are able to dig down and identify where is the problem. We can easily and quickly identify the sources and the root causes of the issues."
"They have very good technical support and I have relied heavily on them."
"Both the scalability and the scalability are great with Meraki MX."
"Point-to-point VPNs can dynamically follow IP changes with no need for static IPs."
"Web publishing is important, as well as the importance of the antivirus patch."
"We found the initial setup to be straightforward."
"It is very easy to configure and straightforward. The firewall rules are straightforward. It works great out of the box. It has been working as advertised, and I haven't had any issues with it."
"The simplicity of the setup is the most valuable feature."
"The simplicity and timely updates."
"The initial setup was straightforward."
"We find it easy to use. Its internal configuration is very easy. It is not complicated in terms of use and configuration. It has been fairly stable, and it is also scalable."
"I like the tunneling part which we are using for the VOIP. We have various other sites where we connect via tunneling. The tunneling part is very fast and easy to implement."
"When we do API integrations with Meraki, they have always been hard as well as tedious to build. The data that we want out of the API integrations has been only recently available. Six months ago, it was hard to get someone to build something correctly or useful with Meraki APIs. Recently, they have made more data available on the API, but it is just a start. They need to do more."
"Meraki tech support staff have a lot more visibility into your network than you do, which is frustrating at times. I understand the approach is to keep the dashboard easier to understand. This will frustrate more advanced users at times."
"You can only have one tunnel in the whole infrastructure — one tunnel with one device."
"The whole Cisco Meraki range requires easier access for cameras. For a security center, it would be helpful to have easier access to cameras through the portal. Its licensing cost could also be better."
"Management can be improved in Meraki MX."
"In general, the SD-WAN feature needs to be improved. The load sharing and load balancing of the traffic should be improved. I have had some problems with these features in the past."
"You cannot use switching behaviors as you see on the Meraki switch."
"It would be nice if the different services, including the SIEM SOC and endpoint detection and response (EDR) were integrated into one, so that I don't have to go to different vendors for different services."
"We are facing some problems on this firmware version, version 18, that require improvement. We want to improve the email security because it doesn't give proper security with the data protection. Also, our clients are facing some problems where most of the sites which they're accessing are getting blocked. I want to improve those sites, that email security, and the data protection on the Firmware version 18."
"The main problem with Sophos XG today is that it doesn't have a feature where you actually know the quality of an international link, which would allow us to we know if the link is operational or not. We need more information. It's losing packets on the network. It's high latency. So, we need more information to know if the link is really bad or really good, and today, we will only know if it's working and this just isn't enough."
"I would want the level of integration to have another device on your network that is also reliable."
"LAN inbound and outbound traffic requires more control."
"The reaction time of the GUI is terrible when compared to other manufacturers."
"I would like to have more artificial intelligence in the web monitoring service that comes with it. It should alert us when particular events happen. It has already got some of that. I know that it is more of a service, and Sophos is already looking at it. It is called SIEM."
"The reporting could be improved in this solution by adding more details."
"The current bandwidth consumption is no longer shown in the XG and XGS."
Meraki MX is ranked 1st in Unified Threat Management (UTM) with 17 reviews while Sophos XG is ranked 5th in Firewalls with 130 reviews. Meraki MX is rated 8.4, while Sophos XG is rated 8.2. The top reviewer of Meraki MX writes "Makes it easy to stay on top of everything for security". On the other hand, the top reviewer of Sophos XG writes "Light and stable with excellent real-time control ". Meraki MX is most compared with Fortinet FortiGate, Cisco ASA Firewall, Cisco Firepower NGFW Firewall, Palo Alto Networks NG Firewalls and SonicWall NSa, whereas Sophos XG is most compared with Fortinet FortiGate, pfSense, Palo Alto Networks NG Firewalls, Sophos UTM and WatchGuard Firebox. See our Meraki MX vs. Sophos XG report.
We monitor all Unified Threat Management (UTM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Meraki is designed for zero deployments and no in-house firewall specialist personnel. Best to secure Networks like remote offices, branches or home offices. Also to protect Internet Access (your computer accesses the internet).
Sophos is more of a professional firewall, not only protecting internet access but also providing security for publishing services like web servers, data centers, central services. They will need a specialist to install and support them. Therefore offer much more sophisticated protection features.
So, you can't really compare these solutions as they are targeting different markets.
Meraki MX is a small business product and lacks a lot of features compared to Sophos XG/XGS.
- IPsec IKEv2 does not work (it is in the menu, but does not work and can only be enabled by meraki support)
- no SSLVPN or IPsec VPN client. AnyConnect can only be tested with beta firmware.
Cisco Client VPN (L2TP) is a total joke - not sure for who it is meant for?
- no user based firewall rules (for VPN)
- no firewall rule grouping
- no masquerade option for DNAT (sometimes it is very useful if I can do a DNAT with masquerade to another subnet)
- no VLAN tagging support on WAN port (would be usable for IPTV - solvable if WAN is bypassed through a managed switch)
- no multiple IP support on WAN port (Sophos has alias support on every interface, which means that multiple IP addresses can be added on the same LAN or WAN port)
- no LAG or LACP support (would be usable to connect aggregation switch to firewall to bypass more traffic through the MX)
- no DAC cable support for SFP port (why I do have to use optical cable to connect aswitch?)
- no custom IPS policies - only on/off button
- no e-mail protection option (Sophos has it with extra license)
- no web server protection (Sophos has it with extra license)
- no sandstorm option (most firewalls have it with extra license)
- hardware may probably too weak compared to the user count
- no BGP, OSPF routing
- no multiple VPN user groups and LDAP servers
Cisco mx64, for example, has 2 WANs, is very practical and simple for the two services, has a balancing for two internet services and bandwidth control (by groups and users).